Certified code is a general mechanism for enforcing security properties. In this paradigm, untrusted mobile code carries annotations that allow a host to verify its trustworthine...
The relationships between the work products of a security engineering process can be hard to understand, even for persons with a strong technical background but little knowledge o...
In the proposed mandatory access control model, arbitrary label changing policies can be expressed. The relatively simple model can capture a wide variety of security policies, in...
Many applications process or transform a stream of data. Such applications are organized as a sequence of different stages, which may be independent enough to be simultaneously car...
Web applications are important, ubiquitous distributed systems whose current security relies primarily on server-side mechanisms. This paper makes the end-toend argument that the ...